In recent years, with dramatic advances in information technologies, the computer is involved in daily life, working, and learning as a useful tool consequentially. However, sometimes the computer is accessed by malicious people through unauthorized means, which may cause incalculable loss. Preventing unauthorized access to the computer system becomes an important problem on computer information security.
To resolve this problem, a user name and password combination is often used to protect the computer system from being intruded by unauthorized users. But the password assigned by users tends to be too simple, and can be cracked easily. Once it is figured out by malicious people, the password protection will lose its effect.
The two-factor authentication that uses the hardware, such as an identity authentication key or a smart card, in combination with a password or biometrics for higher security is also applied in logging on the computer system. Obviously, the security is increased in this way. When a user is to log on the system, a hardware device that has been registered with this computer is required, as well as the user name and password combination.
The unauthorized users who can crack the password of a valid user are blocked in this way.
The above two methods are intended for the normal situation. However, the hardware device of the two-factor authentication does not work under Windows safe mode, because its driver cannot be found under this mode. The malicious people may seize this vulnerability to log on the system to get the confidential information. Moreover, the hardware device is possibly not cost-effective for most of the ordinary users.